changeset 1654:cc0fc5131c5c

Rename EPKA -> Plugin
author Matt Johnston <matt@ucc.asn.au>
date Wed, 15 May 2019 21:59:45 +0800
parents 76189c9ffea2
children f52919ffd3b1
files Makefile.in common-session.c configure.ac includes.h pubkeyapi.h runopts.h session.h svr-authpubkey.c svr-runopts.c svr-session.c sysoptions.h
diffstat 11 files changed, 81 insertions(+), 81 deletions(-) [+]
line wrap: on
line diff
--- a/Makefile.in	Wed May 15 09:43:57 2019 -0400
+++ b/Makefile.in	Wed May 15 21:59:45 2019 +0800
@@ -80,13 +80,13 @@
 	scpobjs=$(SCPOBJS)
 endif
 
-ifeq (@DROPBEAR_EPKA@, 1)
+ifeq (@DROPBEAR_PLUGIN@, 1)
     # rdynamic makes all the global symbols of dropbear available to all the loaded shared libraries
     # this allow a plugin to reuse existing crypto/utilities like base64_decode/base64_encode without
     # the need to rewrite them.
-    EPKA_LIBS=-ldl -rdynamic
+    PLUGIN_LIBS=-ldl -rdynamic
 else
-    EPKA_LIBS=
+    PLUGIN_LIBS=
 endif
 
 VPATH=@srcdir@
@@ -198,7 +198,7 @@
 dropbearconvert: $(dropbearconvertobjs)
 
 dropbear: $(HEADERS) $(LIBTOM_DEPS) Makefile
-	$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBTOM_LIBS) $(LIBS) @CRYPTLIB@ $(EPKA_LIBS)
+	$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBTOM_LIBS) $(LIBS) @CRYPTLIB@ $(PLUGIN_LIBS)
 
 dbclient: $(HEADERS) $(LIBTOM_DEPS) Makefile
 	$(CC) $(LDFLAGS) -o $@$(EXEEXT) $($@objs) $(LIBTOM_LIBS) $(LIBS)
--- a/common-session.c	Wed May 15 09:43:57 2019 -0400
+++ b/common-session.c	Wed May 15 21:59:45 2019 +0800
@@ -147,8 +147,8 @@
 
 	ses.allowprivport = 0;
 
-#if DROPBEAR_EPKA
-        ses.epka_session = NULL;
+#if DROPBEAR_PLUGIN
+        ses.plugin_session = NULL;
 #endif
 
 	TRACE(("leave session_init"))
--- a/configure.ac	Wed May 15 09:43:57 2019 -0400
+++ b/configure.ac	Wed May 15 21:59:45 2019 +0800
@@ -323,20 +323,20 @@
 	]
 )
 
-AC_ARG_ENABLE(epka,
-	[  --enable-epka           Enable support for External Public Key Authentication plug-in],
+AC_ARG_ENABLE(plugin,
+	[  --enable-plugin           Enable support for External Public Key Authentication plug-in],
 	[
-		AC_DEFINE(DROPBEAR_EPKA, 1, External Public Key Authentication)
+		AC_DEFINE(DROPBEAR_PLUGIN, 1, External Public Key Authentication)
 		AC_MSG_NOTICE(Enabling support for External Public Key Authentication)
-		DROPBEAR_EPKA=1
+		DROPBEAR_PLUGIN=1
 	],
 	[
-		AC_DEFINE(DROPBEAR_EPKA, 0, External Public Key Authentication)
-		DROPBEAR_EPKA=0
+		AC_DEFINE(DROPBEAR_PLUGIN, 0, External Public Key Authentication)
+		DROPBEAR_PLUGIN=0
 	]
 
 )
-AC_SUBST(DROPBEAR_EPKA)
+AC_SUBST(DROPBEAR_PLUGIN)
 
 AC_ARG_ENABLE(fuzz,
 	[  --enable-fuzz           Build fuzzing. Not recommended for deployment.],
--- a/includes.h	Wed May 15 09:43:57 2019 -0400
+++ b/includes.h	Wed May 15 21:59:45 2019 +0800
@@ -164,7 +164,7 @@
 #include <linux/pkt_sched.h>
 #endif
 
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
 #include <dlfcn.h>
 #endif
 
--- a/pubkeyapi.h	Wed May 15 09:43:57 2019 -0400
+++ b/pubkeyapi.h	Wed May 15 21:59:45 2019 +0800
@@ -33,21 +33,21 @@
  *
  */
 
-struct EPKAInstance;
-struct EPKASession;
+struct PluginInstance;
+struct PluginSession;
 
 /* API VERSION INFORMATION - 
  * Dropbear will:
  * - Reject any plugin with a major version mismatch
  * - Load and print a warning if the plugin's minor version is HIGHER than
  *   dropbear's minor version (assumes properties are added at the end of
- *   EPKAInstance or EPKASession). This is a case of plugin newer than dropbear. 
+ *   PluginInstance or PluginSession). This is a case of plugin newer than dropbear. 
  * - Reject if the plugin minor version is SMALLER than dropbear one (case
  *   of plugin older than dropbear).
  * - Load (with no warnings) if version match.
  */
-#define DROPBEAR_EPKA_VERSION_MAJOR     1
-#define DROPBEAR_EPKA_VERSION_MINOR     0
+#define DROPBEAR_PLUGIN_VERSION_MAJOR     1
+#define DROPBEAR_PLUGIN_VERSION_MINOR     0
 
 
 /* Creates an instance of the plugin.
@@ -60,7 +60,7 @@
  * If the version MINOR is different, dropbear will allow the plugin to run 
  * only if: plugin_MINOR > dropbear_MINOR
  *
- * If plugin_MINOR < dropbeart_MINOR or if the MAJOR version is different
+ * If plugin_MINOR < dropbear_MINOR or if the MAJOR version is different
  * dropbear will reject the plugin and terminate the execution.
  *
  * addrstring is the IP address of the client.
@@ -68,7 +68,7 @@
  * Returns NULL in case of failure, otherwise a void * of the instance that need
  * to be passed to all the subsequent call to the plugin
  */
-typedef struct EPKAInstance *(* PubkeyExtPlugin_newFn)(int verbose, 
+typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose, 
         const char *options,
         const char *addrstring);
 #define DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW               "plugin_new"
@@ -83,8 +83,8 @@
  * Returns DROPBEAR_SUCCESS (0) if success or DROPBEAR_FAILURE (-1) if
  * authentication fails
  */
-typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct EPKAInstance *pluginInstance,
-        struct EPKASession **sessionInOut,
+typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct PluginInstance *PluginInstance,
+        struct PluginSession **sessionInOut,
         const char* algo, 
         unsigned int algolen,
         const unsigned char* keyblob, 
@@ -93,18 +93,18 @@
 
 /* Notify the plugin that auth completed (after signature verification)
  */
-typedef void (* PubkeyExtPlugin_authSuccessFn)(struct EPKASession *session);
+typedef void (* PubkeyExtPlugin_authSuccessFn)(struct PluginSession *session);
 
 /* Deletes a session
  * TODO: Add a reason why the session is terminated. See svr_dropbear_exit (in svr-session.c)
  */
-typedef void (* PubkeyExtPlugin_sessionDeleteFn)(struct EPKASession *session);
+typedef void (* PubkeyExtPlugin_sessionDeleteFn)(struct PluginSession *session);
 
 /* Deletes the plugin instance */
-typedef void (* PubkeyExtPlugin_deleteFn)(struct EPKAInstance *pluginInstance);
+typedef void (* PubkeyExtPlugin_deleteFn)(struct PluginInstance *PluginInstance);
 
 
-/* The EPKAInstance object - A simple container of the pointer to the functions used
+/* The PluginInstance object - A simple container of the pointer to the functions used
  * by Dropbear.
  *
  * A plug-in can extend it to add its own properties
@@ -113,7 +113,7 @@
  * shared library.
  * The delete_plugin function should delete the object.
  */
-struct EPKAInstance {
+struct PluginInstance {
     int                             api_version[2];         /* 0=Major, 1=Minor */
 
     PubkeyExtPlugin_checkPubKeyFn   checkpubkey;            /* mandatory */
@@ -129,7 +129,7 @@
  * The returned buffer will be destroyed when the session is deleted.
  * Option buffer string NULL-terminated
  */
-typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct EPKASession *session);
+typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct PluginSession *session);
 
 
 /* An SSH Session. Created during pre-auth and reused during the authentication.
@@ -142,8 +142,8 @@
  *
  * Store any optional auth options in the auth_options property of the session.
  */
-struct EPKASession {
-    struct EPKAInstance *  plugin_instance;
+struct PluginSession {
+    struct PluginInstance *  plugin_instance;
 
     PubkeyExtPlugin_getOptionsFn   get_options;
 };
--- a/runopts.h	Wed May 15 09:43:57 2019 -0400
+++ b/runopts.h	Wed May 15 21:59:45 2019 +0800
@@ -125,7 +125,7 @@
 
 	char * forced_command;
 
-#if DROPBEAR_EPKA 
+#if DROPBEAR_PLUGIN 
         char *pubkey_plugin;
         char *pubkey_plugin_options;
 #endif
--- a/session.h	Wed May 15 09:43:57 2019 -0400
+++ b/session.h	Wed May 15 21:59:45 2019 +0800
@@ -38,7 +38,7 @@
 #include "chansession.h"
 #include "dbutil.h"
 #include "netio.h"
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
 #include "pubkeyapi.h"
 #endif
 
@@ -220,8 +220,8 @@
 	/* set once the ses structure (and cli_ses/svr_ses) have been populated to their initial state */
 	int init_done;
 
-#if DROPBEAR_EPKA
-        struct EPKASession * epka_session;
+#if DROPBEAR_PLUGIN
+        struct PluginSession * plugin_session;
 #endif
 };
 
@@ -248,12 +248,12 @@
 	pid_t server_pid;
 #endif
 
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
         /* The shared library handle */
-        void *epka_plugin_handle;
+        void *plugin_handle;
 
         /* The instance created by the plugin_new function */
-        struct EPKAInstance *epka_instance;
+        struct PluginInstance *plugin_instance;
 #endif
 
 };
--- a/svr-authpubkey.c	Wed May 15 09:43:57 2019 -0400
+++ b/svr-authpubkey.c	Wed May 15 21:59:45 2019 +0800
@@ -111,12 +111,12 @@
 		send_msg_userauth_failure(0, 0);
 		goto out;
 	}
-#if DROPBEAR_EPKA
-        if (svr_ses.epka_instance != NULL) {
+#if DROPBEAR_PLUGIN
+        if (svr_ses.plugin_instance != NULL) {
             char *options_buf;
-            if (svr_ses.epka_instance->checkpubkey(
-                        svr_ses.epka_instance,
-                        &ses.epka_session,
+            if (svr_ses.plugin_instance->checkpubkey(
+                        svr_ses.plugin_instance,
+                        &ses.plugin_session,
                         algo, 
                         algolen, 
                         keyblob, 
@@ -126,7 +126,7 @@
                 auth_failure = 0;
 
                 /* Options provided? */
-                options_buf = ses.epka_session->get_options(ses.epka_session);
+                options_buf = ses.plugin_session->get_options(ses.plugin_session);
                 if (options_buf) {
                     struct buf temp_buf = { 
                         .data = (unsigned char *)options_buf,
@@ -193,10 +193,10 @@
 				"Pubkey auth succeeded for '%s' with key %s from %s",
 				ses.authstate.pw_name, fp, svr_ses.addrstring);
 		send_msg_userauth_success();
-#if DROPBEAR_EPKA
-                if ((ses.epka_session != NULL) && (svr_ses.epka_instance->auth_success != NULL)) {
+#if DROPBEAR_PLUGIN
+                if ((ses.plugin_session != NULL) && (svr_ses.plugin_instance->auth_success != NULL)) {
                     /* Was authenticated through the external plugin. tell plugin that signature verification was ok */
-                    svr_ses.epka_instance->auth_success(ses.epka_session);
+                    svr_ses.plugin_instance->auth_success(ses.plugin_session);
                 }
 #endif
                 
--- a/svr-runopts.c	Wed May 15 09:43:57 2019 -0400
+++ b/svr-runopts.c	Wed May 15 21:59:45 2019 +0800
@@ -99,7 +99,7 @@
 					"-W <receive_window_buffer> (default %d, larger may be faster, max 1MB)\n"
 					"-K <keepalive>  (0 is never, default %d, in seconds)\n"
 					"-I <idle_timeout>  (0 is never, default %d, in seconds)\n"
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
                                         "-A <authplugin>[,<options>]\n"
                                         "               Enable external public key auth through <authplugin>\n"
 #endif
@@ -133,7 +133,7 @@
 	char* maxauthtries_arg = NULL;
 	char* keyfile = NULL;
 	char c;
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
         char* pubkey_plugin = NULL;
 #endif
 
@@ -163,7 +163,7 @@
 #if DROPBEAR_SVR_REMOTETCPFWD
 	svr_opts.noremotetcp = 0;
 #endif
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
         svr_opts.pubkey_plugin = NULL;
         svr_opts.pubkey_plugin_options = NULL;
 #endif
@@ -285,7 +285,7 @@
 				case 'u':
 					/* backwards compatibility with old urandom option */
 					break;
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
                                 case 'A':
                                         next = &pubkey_plugin;
                                         break;
@@ -410,7 +410,7 @@
 	if (svr_opts.forced_command) {
 		dropbear_log(LOG_INFO, "Forced command set to '%s'", svr_opts.forced_command);
 	}
-#if DROPBEAR_EPKA
+#if DROPBEAR_PLUGIN
         if (pubkey_plugin) {
             char *args = strchr(pubkey_plugin, ',');
             if (args) {
--- a/svr-session.c	Wed May 15 09:43:57 2019 -0400
+++ b/svr-session.c	Wed May 15 21:59:45 2019 +0800
@@ -89,15 +89,15 @@
 	m_free(svr_ses.childpids);
 	svr_ses.childpidsize = 0;
 
-#if DROPBEAR_EPKA
-        if (svr_ses.epka_plugin_handle != NULL) {
-            if (svr_ses.epka_instance) {
-                svr_ses.epka_instance->delete_plugin(svr_ses.epka_instance);
-                svr_ses.epka_instance = NULL;
+#if DROPBEAR_PLUGIN
+        if (svr_ses.plugin_handle != NULL) {
+            if (svr_ses.plugin_instance) {
+                svr_ses.plugin_instance->delete_plugin(svr_ses.plugin_instance);
+                svr_ses.plugin_instance = NULL;
             }
 
-            dlclose(svr_ses.epka_plugin_handle);
-            svr_ses.epka_plugin_handle = NULL;
+            dlclose(svr_ses.plugin_handle);
+            svr_ses.plugin_handle = NULL;
         }
 #endif
 }
@@ -122,10 +122,10 @@
 	m_free(host);
 	m_free(port);
 
-#if DROPBEAR_EPKA
-        /* Initializes the EPKA Plugin */
-        svr_ses.epka_plugin_handle = NULL;
-        svr_ses.epka_instance = NULL;
+#if DROPBEAR_PLUGIN
+        /* Initializes the PLUGIN Plugin */
+        svr_ses.plugin_handle = NULL;
+        svr_ses.plugin_instance = NULL;
         if (svr_opts.pubkey_plugin) {
 #if DEBUG_TRACE
             const int verbose = debug_trace;
@@ -135,33 +135,33 @@
             PubkeyExtPlugin_newFn  pluginConstructor;
 
             /* RTLD_NOW: fails if not all the symbols are resolved now. Better fail now than at run-time */
-            svr_ses.epka_plugin_handle = dlopen(svr_opts.pubkey_plugin, RTLD_NOW);
-            if (svr_ses.epka_plugin_handle == NULL) {
+            svr_ses.plugin_handle = dlopen(svr_opts.pubkey_plugin, RTLD_NOW);
+            if (svr_ses.plugin_handle == NULL) {
                 dropbear_exit("failed to load external pubkey plugin '%s': %s", svr_opts.pubkey_plugin, dlerror());
             }
-            pluginConstructor = (PubkeyExtPlugin_newFn)dlsym(svr_ses.epka_plugin_handle, DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW);
+            pluginConstructor = (PubkeyExtPlugin_newFn)dlsym(svr_ses.plugin_handle, DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW);
             if (!pluginConstructor) {
                 dropbear_exit("plugin constructor method not found in external pubkey plugin");
             }
 
             /* Create an instance of the plugin */
-            svr_ses.epka_instance = pluginConstructor(verbose, svr_opts.pubkey_plugin_options, svr_ses.addrstring);
-            if (svr_ses.epka_instance == NULL) {
+            svr_ses.plugin_instance = pluginConstructor(verbose, svr_opts.pubkey_plugin_options, svr_ses.addrstring);
+            if (svr_ses.plugin_instance == NULL) {
                 dropbear_exit("external plugin initialization failed");
             }
             /* Check if the plugin is compatible */
-            if ( (svr_ses.epka_instance->api_version[0] != DROPBEAR_EPKA_VERSION_MAJOR) ||
-                 (svr_ses.epka_instance->api_version[1] < DROPBEAR_EPKA_VERSION_MINOR) ) {
+            if ( (svr_ses.plugin_instance->api_version[0] != DROPBEAR_PLUGIN_VERSION_MAJOR) ||
+                 (svr_ses.plugin_instance->api_version[1] < DROPBEAR_PLUGIN_VERSION_MINOR) ) {
                 dropbear_exit("plugin version check failed: "
                               "Dropbear=%d.%d, plugin=%d.%d",
-                        DROPBEAR_EPKA_VERSION_MAJOR, DROPBEAR_EPKA_VERSION_MINOR,
-                        svr_ses.epka_instance->api_version[0], svr_ses.epka_instance->api_version[1]);
+                        DROPBEAR_PLUGIN_VERSION_MAJOR, DROPBEAR_PLUGIN_VERSION_MINOR,
+                        svr_ses.plugin_instance->api_version[0], svr_ses.plugin_instance->api_version[1]);
             }
-            if (svr_ses.epka_instance->api_version[1] > DROPBEAR_EPKA_VERSION_MINOR) {
+            if (svr_ses.plugin_instance->api_version[1] > DROPBEAR_PLUGIN_VERSION_MINOR) {
                 dropbear_log(LOG_WARNING, "plugin API newer than dropbear API: "
                               "Dropbear=%d.%d, plugin=%d.%d",
-                        DROPBEAR_EPKA_VERSION_MAJOR, DROPBEAR_EPKA_VERSION_MINOR,
-                        svr_ses.epka_instance->api_version[0], svr_ses.epka_instance->api_version[1]);
+                        DROPBEAR_PLUGIN_VERSION_MAJOR, DROPBEAR_PLUGIN_VERSION_MINOR,
+                        svr_ses.plugin_instance->api_version[0], svr_ses.plugin_instance->api_version[1]);
             }
             dropbear_log(LOG_INFO, "successfully loaded and initialized pubkey plugin '%s'", svr_opts.pubkey_plugin);
         }
@@ -209,11 +209,11 @@
 	char fullmsg[300];
 	int i;
 
-#if DROPBEAR_EPKA
-        if ((ses.epka_session != NULL)) {
-            svr_ses.epka_instance->delete_session(ses.epka_session);
+#if DROPBEAR_PLUGIN
+        if ((ses.plugin_session != NULL)) {
+            svr_ses.plugin_instance->delete_session(ses.plugin_session);
         }
-        ses.epka_session = NULL;
+        ses.plugin_session = NULL;
 #endif
 
 	/* Render the formatted exit message */
--- a/sysoptions.h	Wed May 15 09:43:57 2019 -0400
+++ b/sysoptions.h	Wed May 15 21:59:45 2019 +0800
@@ -243,8 +243,8 @@
 	#error "At least one server authentication type must be enabled. DROPBEAR_SVR_PUBKEY_AUTH and DROPBEAR_SVR_PASSWORD_AUTH are recommended."
 #endif
 
-#if (DROPBEAR_EPKA && !DROPBEAR_SVR_PUBKEY_AUTH)
-	#error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use External Public Key Authentication (EPKA)"
+#if (DROPBEAR_PLUGIN && !DROPBEAR_SVR_PUBKEY_AUTH)
+	#error "You must define DROPBEAR_SVR_PUBKEY_AUTH in order to use plugins"
 #endif
 
 #if !(DROPBEAR_AES128 || DROPBEAR_3DES || DROPBEAR_AES256 || DROPBEAR_BLOWFISH \